ASP.NET Security and Webpages

[Guest]

I would like to start blocking some people from visiting certian pages of my website. I looked at all of the forms authentication pages and that seems extremly confusing. I was thinking about just hashing(?) the password asn storing them in an SQL database. Then on the pages that I want, using a sessions varible to verify that they are authenticated, I will allow access.

Anyone have any suggestions? Will this work and if so, how do you hash(?) passwords? Any good links? If it won't work, does anyone have any good links to articles about how to write authentication code.

Thanks

Devin

 

[Raterus]

Look at Forms Authentication again, start small. Of course new concepts are going to be confusing at first, but that certainly doesn't mean you should avoid it, you'll never be a good programmer if you never learn!. Don't settle for your own way of doing it just because you feel comfortable doing it that way, You are bound to introduce more holes in your system doing it that way than to work with a tried and true technology.

 

[GSK]

I agree with Raterus.

Here is an excellent article on salting hashes:
http://www.dotnetjunkies.com/Tutorial/77D4AFDC-585D-4539-A364-30028327FF14.dcik

- gsk.
http://www.meblogic.com

I would like to start blocking some people from visiting certian pages of

my website. I looked at all of the forms authentication pages and that seems
extremly confusing. I was thinking about just hashing(?) the password asn
storing them in an SQL database. Then on the pages that I want, using a
sessions varible to verify that they are authenticated, I will allow access.

Anyone have any suggestions? Will this work and if so, how do you hash(?)

passwords? Any good links? If it won't work, does anyone have any good links
to articles about how to write authentication code.